radiant-reader-extension 3.0.5 → 3.0.7

data/README.md

@@ -8,7 +8,7 @@ The visitors are referred to as 'readers' here. Readers never see the admin inte
 
 ## Status
 
-Compatible with radiant 1, which isn't out yet. You can use radiant edge to try this out. Expect a few point releases as radiant 1 is finalised.
+Compatible with radiant 1, which is nearly out. You can use radiant edge to try this out. Expect a few point releases as radiant 1 is finalised.
 
 Multi-site compatibility is currently missing but will follow as soon as I can add a better scoping engine to radiant core.
 
@@ -41,11 +41,11 @@ and then you can bring over assets and create data tables:
 
 ## Configuration
 
-All the main configuration settings can now be managed through the `settings > readers` configuration pane. THey have sensible defaults but you will need to choose a layout for reader-administration views and supply the name and email address that messages should appear to come from.
+All the main configuration settings can now be managed through the `settings > readers` configuration pane. They have sensible defaults but you will need to choose a layout for reader-administration views and supply the name and email address that messages should appear to come from.
 
-## Usage
+## Readers
 
-This is primarily a framework and its main purpose is to take care of the tedious minutiae of account-management. The basic reader framework provides for:
+This is primarily a framework and its main purpose is to take care of the dull minutiae of account-management. The basic reader framework provides for:
 
 * registration
 * honeypot spam trap
@@ -59,6 +59,8 @@ This is primarily a framework and its main purpose is to take care of the tediou
 * administrative email messages for welcome, invitation, etc
 * ad-hoc email messages to some or all readers
 
+## Reader groups
+
 The extension also includes a group-based access control mechanism. You can organise your readers into groups (either by invitation or by public subscription) and any resource (eg a page) associated with one or more groups is visible only to their members. Anyone else attempting to access the page will be prompted to log in (or register, if registration is permitted).
 
 You can use the group mechanism in a simple way just to create self-selected interest groups, or you can disable public registration and use the full group-hierarchical functionality to provide a very secure system of controlled access to selected resources. 
@@ -120,7 +122,7 @@ There are four levels of directory visibility, and the behaviour of your site is
 * *none* is the default. No reader details are shown to anybody.
 * *public* means that anyone can see the directory. Individual readers can still opt out, but this is intended for public directory services with the expectation that people want to be shown.
 * *private* means that only logged in readers can see the directory. Useful for closed groups and works well as an internal directory for an organisation or team.
-* *grouped* means that only logged in people can see the directory and that they can only see the people with whom they share a group. Useful for more complex authorization requirements but also for sites that have a privileged core group and unprivileged guests.
+* *grouped* means that only logged in people can see the directory and that they can only see those people with whom they share a group. Useful for more complex authorization requirements but also for sites that have a privileged core group and unprivileged guests.
 
 ## Using readers in other extensions
 

data/app/controllers/groups_controller.rb

@@ -24,7 +24,7 @@ class GroupsController < ReaderActionController
 private
   
   def get_group_or_groups
-    @groups = Group.roots.visible_to(current_reader)
+    @groups = current_reader.all_visible_groups
     @group = Group.find(params[:id]) if params[:id]
   end
 
@@ -34,16 +34,4 @@ private
      end
   end
   
-  def generate_csv(readers=[])
-    columns = %w{forename surname email phone mobile postal_address}
-    table = FasterCSV.generate do |csv|
-      csv << columns.map { |f| t("activerecord.attributes.reader.#{f}") }
-      readers.each { |r| csv << columns.map{ |f| r.send(f.to_sym) } }
-    end
-  end
-
-  def generate_vcard(readers=[])
-    readers.map(&:vcard).join("\n")
-  end
-  
 end

data/app/views/accounts/_profile_form.html.haml

@@ -11,6 +11,13 @@
       = f.text_field :honorific, :class => 'standard'
       %span.formnote= t('reader_extension.form_notes.account.honorific')
 
+  %p
+    = f.label :email, nil, :class => 'required'
+    %br
+    = f.text_field :email, :class => 'standard'
+    %br
+    %span.formnote= t('reader_extension.form_notes.account.email')
+
   %p
     = f.label :phone, nil, :class => 'optional'
     %br

data/app/views/admin/groups/_chooser.html.haml

@@ -1,8 +1,14 @@
-// This is going to be a tree of checkboxes with some 
-// javascript to make visible the inheritance of permission. 
-// It will be used on pages, messages and any other group-linkable object.
+- chooser ||= @page
+- if chooser
+  - root ||= nil
+  - disabled ||= false
+  - branches = root ? root.children : Group.roots
 
-- Group.roots.each do |group|
-  = f.check_box :group_ids, {}, group.id
-  = f.label :group_ids, group.name, :class => 'checkbox'
-  %br
+  %ul{:class => root ? '' : 'tree'}
+    - branches.each do |group|
+      %li
+        - checked = chooser.has_group?(group)
+        = check_box_tag 'group_ids', group.id, checked, :id => "group_ids_#{group.id}", :class => "treebox", :disabled => disabled
+        %label{:for => "group_ids_#{group.id}", :class => 'checkbox'} 
+          = group.name
+        = render :partial => 'admin/groups/chooser', :object => chooser, :locals => {:root => group, :disabled => checked}

data/app/views/admin/messages/show.html.haml

@@ -34,17 +34,17 @@
     - delivery.function do
       - if @message.administrative?
         %p
-          - if @message.group
-            = t("reader_extension.belongs_to_group", :name => @message.group.name, :href => admin_group_url(@message.group))
+          - if @message.groups.any?
+            = t("reader_extension.belongs_to_groups", :links => @message.groups.map{ |g| link_to g.name, admin_group_url(g) }.to_sentence, :count => @message.groups.count)
             = t("reader_extension.message_group_administrative")
-            = t("reader_extension.message_function.#{@message.function}")
           - else
             = t("reader_extension.message_administrative")
-            = t("reader_extension.message_function.#{@message.function}")
+          = t("reader_extension.message_function.#{@message.function}")
       - else
         %p
           = t("reader_extension.message_adhoc")
-          = t("reader_extension.message_group_adhoc", :name => @message.group.name, :href => admin_group_url(@message.group))
+          - if @message.groups.any?
+            = t("reader_extension.message_group_adhoc", :links => @message.groups.map{|g| link_to g.name, admin_group_url(g)}.to_sentence, :count => @message.groups.count)
           
     - delivery.options do
       - unless @message.administrative?

data/app/views/admin/pages/_groups_column.html.haml

@@ -0,0 +1,7 @@
+- page ||= @current_node
+%td.access
+  - if page.visible?
+    =t('reader_extension.access_open')
+  - else
+    %span.access.draft_status{:title => t('reader_extension.access_restricted_to', :groups => page.groups.map(&:name).to_sentence)}
+      =t('reader_extension.access_restricted')

data/app/views/admin/pages/_groups_column_header.html.haml

@@ -0,0 +1,2 @@
+- include_stylesheet "admin/reader_group"
+%th.access= t('reader_extension.access')

data/app/views/admin/pages/_groups_popup.html.haml

@@ -0,0 +1,12 @@
+#groups_popup.popup{:style => "display: none"}
+  #groups_busy.busy{:style => "display: none"}= image('spinner.gif', :alt => "")
+  .popup_title
+    = t('reader_extension.access_control')
+  %p
+    = t('reader_extension.page_access_explanation')
+  %form.group_selection
+    = render :partial => 'admin/groups/chooser', :object => @page
+    .buttons
+      = submit_tag t('reader_extension.set_access'), :class=>'button', :id=>'add_page_field_button'
+      = t('or')
+      = link_to_function t('cancel'), "$(this).closePopup()", :class=>"cancel"

data/app/views/admin/pages/_page_groups.html.haml

@@ -1,7 +1,15 @@
+- include_stylesheet 'admin/reader_group'
+- include_javascript 'admin/reader'
+
 - groups = Group.find(:all)
 - if groups.any?
-  %p
-    = t('reader_extension.permitted_groups')
-    %br
-    - fields_for @page do |f|
-      = render :partial => 'admin/groups/chooser', :locals => {:f => f}
+  %p.access
+    %label
+      = t('reader_extension.access')
+    - if @page.visible?
+      = link_to t('reader_extension.access_open'), '#groups_popup', :class => 'popup unrestricted', :id => 'group_status_flag'
+    - else
+      = link_to t('reader_extension.access_restricted'), '#groups_popup', :class => 'popup restricted', :id => 'group_status_flag'
+  - fields_for @page do |f|
+    = f.hidden_field :group_ids
+    

data/app/views/admin/readers/index.html.haml

@@ -8,11 +8,20 @@
         %tr
           - render_region :thead do |thead|
             - thead.title_header do
-              %th.reader Name / Login
+              %th.reader 
+                = t('reader_extension.name')
+            - thead.email_header do
+              %th.email 
+                = t('reader_extension.email')
+            - thead.groups_header do
+              %th.reader_groups
+                = t('reader_extension.groups')
             - thead.description_header do
-              %th.reader_description Self-description
+              %th.reader_description 
+                = t('reader_extension.self_description')
             - thead.modify_header do
-              %th.modify Modify
+              %th.modify
+                = t('modify')
               
     %tbody
       - @readers.each do |reader|
@@ -23,16 +32,24 @@
                 = link_to gravatar_for(reader, {:size => 32}, {:class => 'avatar avatar_32x32'}), edit_admin_reader_url(reader)
                 = link_to reader.name, edit_admin_reader_url(reader), :class => reader.trusted? ? '' : 'untrusted'
                 %span.info
-                  = "(#{reader.login})"
+                  = "#{reader.login}"
                 - unless reader.notes.blank?
                   %p.admin_notes
                     %strong
                       note:
                     = reader.notes
 
+            - tbody.email_cell do
+              %td.reader_groups
+                = mail_to reader.email
+            
+            - tbody.groups_cell do
+              %td.reader_groups
+                = reader.groups.collect{|g| link_to(g.name, admin_group_url(g)) }.join("\n")
+
             - tbody.description_cell do
               %td.reader_description
-                = truncate_words(scrub_html(reader.description), 24)
+                = truncate_words(scrub_html(reader.description), 8)
 
             - tbody.modify_cell do
               %td.actions

data/app/views/readers/show.html.haml

@@ -5,6 +5,12 @@
 - content_for :title do
   = @reader.name
 
+- content_for :introduction do
+  = @reader.description
+  %p
+    = link_to t('reader_extension.edit_profile'), reader_edit_profile_url
+  
+
 - content_for :breadcrumbs do
   = yield :breadhead
   = t('reader_extension.separator')

data/config/initializers/radiant_config.rb

@@ -7,8 +7,8 @@ Radiant.config do |config|
     reader.define 'public?', :default => false
     reader.define 'directory_visibility', :select_from => %w{public private grouped none}, :allow_blank => false, :default => 'private'
     reader.define 'share_details?', :default => false
-    reader.define 'profiles_path', :default => ""
-    reader.define 'preferences_path', :default => ""
+    reader.define 'profiles_path', :default => "directory"
+    reader.define 'preferences_path', :default => "account"
     reader.define 'login_to', :default => "dashboard"
   end
   config.namespace('email') do |email|

data/config/locales/en.yml

@@ -10,7 +10,7 @@ en:
         role: "Role"
         admin: "admin?"
       reader:
-        description: "Biog or remarks"
+        description: "Explain yourself"
         email: "Email address"
         forename: "Forename"
         honorific: "Title or rank"
@@ -80,7 +80,12 @@ en:
   messages: "Messages"
   reader: "reader"
   reader_extension:
+    access: "Access"
+    access_control: "Restrict access"
     access_denied: "Not allowed!"
+    access_open: "Open"
+    access_restricted: "Restricted"
+    access_restricted_to: "only visible to %{groups}"
     account_settings: "Account settings"
     account_updated: "Your account has been updated"
     activate_account: "Activate your account"
@@ -104,7 +109,9 @@ en:
     and_try_again: "and try again."
     any_option: "<any>"
     at: "at"
-    belongs_to_group: 'This message belongs to the <a href="%{href}">%{name}</a> group.'
+    belongs_to_groups: 
+      one: 'This message is confined to the %{links} group.'
+      other: 'This message is confined to the %{links} groups.'
     belongs_to_these_groups: "This message is sent to these groups:"
     bold_required: "Fields with bold headings are required and will cause grumbling if left blank."
     but_not_active: 'but your account is not yet activated. Please check your email for our activation message.'
@@ -254,11 +261,14 @@ en:
       invitation: "when someone is invited to visit the site."
       password_reset: "when someone asks to reset their password."
       welcome: "when someone completes the registration and email-confirmation process."
-    message_group_adhoc: 'It is restricted to members of the <a href="%{href}">%{name}</a> group.'
+    message_group_adhoc:
+      one: 'It is restricted to members of the %{links} group.'
+      other: 'It is restricted to members of the %{links} groups.'
     message_group_administrative: "It is sent automatically"
     message_preview_introduction: "This is a snapshot of the message that was delivered to you %{date}. If it contains instructions they may now be out of date."
     mistaken_access_error: "If you think that's a mistake, and that you should be allowed to do whatever it was you just tried to do, please contact your site administrator."
     must_be_empty: "must be empty"
+    name_and_login: "Name and Login"
     navigation:
       account: "Preferences"
       activate: "Activate account"
@@ -296,6 +306,7 @@ en:
     or_edit_preferences: 'You can also <a href="%{url}">edit your account preferences</a>.'
     or_edit_profile: 'You can also <a href="%{url}">edit your profile</a> to add more information about yourself.'
     other_messages: "Ad-hoc messages"
+    page_access_explanation: "To restrict access to one or more groups, select them from the list below."
     page_not_public: "The page you have requested is not public. Please log in. If your account has the necessary permission you will be taken straight there."
     page_permission_denied: "You don't have permission to see the page that you have requested."
     page_private: "Sorry: you don't have permission to view that page."
@@ -355,6 +366,7 @@ en:
     return_to_page: "return to the page you were looking at before you started registering"
     select_all: "Select all"
     selected_people: "Selected people"
+    self_description: "Self-description"
     send_it_again: "send it again"
     send_message: "Send message"
     send_reset_button: "send me instructions"
@@ -363,6 +375,7 @@ en:
     sent_to_group: "sent automatically to the %{name} group"
     sent_to_these_groups: "sent automatically to these groups"
     separator: " &raquo; "
+    set_access: "Set access"
     set_message_function: "Message function"
     set_message_groups: "Message groups"
     set_new_password: "set new password"

data/db/migrate/20110812111934_groups_nested_set.rb

@@ -5,9 +5,9 @@ class GroupsNestedSet < ActiveRecord::Migration
     add_column :groups, :lft, :integer
     add_column :groups, :rgt, :integer
     
-    Group.reset_column_information
-    Group.rebuild!
-    Group.all.each {|g| g.save }
+    # Group.reset_column_information
+    # Group.rebuild!
+    # Group.all.each {|g| g.save }
   end
 
   def self.down

data/lib/radiant-reader-extension.rb

@@ -1,5 +1,5 @@
 module RadiantReaderExtension
-  VERSION = '3.0.5'
+  VERSION = '3.0.7'
   SUMMARY = %q{Reader/viewer/visitor registration, login and access-control for Radiant CMS}
   DESCRIPTION = %q{Provides reader/member/user registration and management functions including password-reminder, group-based page access control and administrative email.}
   URL = "http://radiant.spanner.org/reader"

data/lib/reader_admin_ui.rb

@@ -33,8 +33,8 @@ module ReaderAdminUI
             edit.form_bottom.concat %w{edit_timestamp edit_buttons}
           end
           reader.index = Radiant::AdminUI::RegionSet.new do |index|
-            index.thead.concat %w{title_header description_header modify_header}
-            index.tbody.concat %w{title_cell description_cell modify_cell}
+            index.thead.concat %w{title_header email_header groups_header description_header modify_header}
+            index.tbody.concat %w{title_cell email_cell groups_cell description_cell modify_cell}
             index.bottom.concat %w{buttons}
           end
           reader.remove = reader.index

data/public/javascripts/admin/reader.js

@@ -7,6 +7,42 @@ Toggle.SelectAllBehavior = Behavior.create(Toggle.CheckboxBehavior, {
   }
 });
 
+// This checkbox, when checked, will check and disable all others within the same containing element.
+// It's useful in a tree view when the checked property will be inherited.
+// For now I'm also using it to populate a hidden form field, but something more general would be preferable.
+//
+Treebox = Behavior.create({
+  onclick: function(e) {
+    this.toggle();
+  },
+  toggle: function() {
+    var state = this.element.checked;
+    this.element.up('li').down('ul').select('input').each(function (el) { 
+      el.checked = state; 
+      el.disabled = state == true;
+    });
+  }
+});
+
+GroupSelection = Behavior.create({
+  onsubmit : function(e) {
+    if (e) e.stop();
+    var group_list = this.element.getInputs('checkbox').collect(function(i) { if (i.checked && !i.disabled) return i.value; }).compact();
+    console.log('group_list: ', group_list);
+    if (group_list.length == 0) {
+      $('group_status_flag').removeClassName('restricted');
+      $('group_status_flag').addClassName('unrestricted');
+      $('group_status_flag').update('Open');
+    } else {
+      $('group_status_flag').removeClassName('unrestricted');
+      $('group_status_flag').addClassName('restricted');
+      $('group_status_flag').update('Restricted');
+    }
+    $('page_group_ids').value = group_list.join(',');
+    this.element.closePopup();
+  }
+});
+
 // This is a normal remote link that replaces itself with the response.
 //
 Remote.UpdatingLink = Behavior.create(Remote.Base, {
@@ -47,5 +83,7 @@ Event.addBehavior({
   'input.select_all': Toggle.SelectAllBehavior(),
   'a.fake_checkbox': Remote.UpdatingLink(),
   'a.inplace': Remote.UpdatingLink(),
-  'form.inplace': Remote.UpdatingForm()
+  'form.inplace': Remote.UpdatingForm(),
+  'input.treebox': Treebox(),
+  'form.group_selection': GroupSelection()
 });

data/reader_extension.rb

@@ -24,6 +24,9 @@ class ReaderExtension < Radiant::Extension
     end
     
     admin.page.edit.add :layout, "page_groups"
+    admin.page.edit.add :main, "groups_popup", :after => 'edit_popups'
+    admin.page.index.add :sitemap_head, "groups_column_header", :after => 'status_column_header'
+    admin.page.index.add :node, "groups_column", :after => 'status_column'
     
     tab("Readers") do
       add_item("Readers", "/admin/readers")

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: radiant-reader-extension
 version: !ruby/object:Gem::Version 
-  hash: 13
+  hash: 9
   prerelease: 
   segments: 
   - 3
   - 0
-  - 5
-  version: 3.0.5
+  - 7
+  version: 3.0.7
 platform: ruby
 authors: 
 - William Ross
@@ -15,8 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-09-08 00:00:00 +01:00
-default_executable: 
+date: 2011-09-27 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: radiant-layouts-extension
@@ -219,6 +218,9 @@ files:
 - app/views/admin/messages/new.html.haml
 - app/views/admin/messages/preview.html.haml
 - app/views/admin/messages/show.html.haml
+- app/views/admin/pages/_groups_column.html.haml
+- app/views/admin/pages/_groups_column_header.html.haml
+- app/views/admin/pages/_groups_popup.html.haml
 - app/views/admin/pages/_listed.html.haml
 - app/views/admin/pages/_page_groups.html.haml
 - app/views/admin/permissions/_page.html.haml
@@ -349,11 +351,10 @@ files:
 - spec/models/reader_spec.rb
 - spec/spec.opts
 - spec/spec_helper.rb
-has_rdoc: true
 homepage: http://radiant.spanner.org/reader
 licenses: []
 
-post_install_message: "\n  Add this to your radiant project with:\n\n    config.gem 'radiant-reader-extension', :version => '~> 3.0.5'\n\n  and if you haven't already, remember to enable ActionMailer in your\n  project's config/environment.rb.\n  "
+post_install_message: "\n  Add this to your radiant project with:\n\n    config.gem 'radiant-reader-extension', :version => '~> 3.0.7'\n\n  and if you haven't already, remember to enable ActionMailer in your\n  project's config/environment.rb.\n  "
 rdoc_options: []
 
 require_paths: 
@@ -379,7 +380,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.5.3
+rubygems_version: 1.8.10
 signing_key: 
 specification_version: 3
 summary: Reader/viewer/visitor registration, login and access-control for Radiant CMS